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Amend the claims as indicated below. 



1 1. (Currently amended) A method comprising: 

2 receiving user information from a user, wherein the user information comprises 

3 identification information and account access information: 

4 receiving aooount acc e ss information - frogn - ^us e r; 

5 accessing a user &e-account using the received user a ecess-information; 

6 obtatningjuser information from third parties using the received user 

7 information: and 

8 hafv ostkig data from a w e b page assook rted-wRh-the accoi t n t-- aB 4 

9 authenticating the user's ability to access the account based on the obtained 

1 0 information s wherein authenticating comprises verifying the user's identity by 

11 comparing user information received with user information obtained , 

1 2. (Originally presented) A method as recited in. claim 1 further 

2 comprising determining a risk associated with the user, 

1 3. (Currently amended) A method as recited in claim 1 wherein obtaining 

2 user information from third parties comprises harvesting data from a web page 

3 accessed using the received user information furth e r comprioinR verifying a u ge r 

4 i d entity bas e d on informa ti on p ro vided by th e us e r . 

]. 4. (Currently amended) A method as recited in claim 1 wherein the third 

2 parties comprise furth e r comprising v e rify - n r g - a us e r identity based on in formation 

3 provided by a credit reporting service and a department of motor vehicles . 
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1 5. (Originally presented) A method as recited in claim 1 further 

2 comprising handling financial transactions initiated by the user and associated with the 

3 account. 

1 6. (Originally presented) A method as recited in claim 1 further 

2 comprising handling financial transactions initiated by the user and associated with the 

3 account if the user's ability to access the account is authenticated. 

1 7. (Currently amended) A method as recited in claim 1 wherein 

2 authenticating the user's ability to access the account includes comprises verifying one 

3 or more of the user's social security numbe r, name, address, phone number, date of 

4 birth, and driver's license number , 

1 8. (Currently amended) A method as recited in claim 1, wherein 

2 authenticating the user s ability to access the account comprises presenting the user 

3 with a challenge question, to be answered by the nse ri nclu d es verifying the user's 

4 driver's licens e numb e r . 

1 9. (Originally presented) A method as recited in claim 1 further 

2 comprising initiating a trial deposit into the account to further authenticate the user's 

3 ability to access the account. 

1 10. (Originally presented) A method as recited in claim. 1 wherein the 

2 account is a financial account. 

1 11. (Currently amended) A method as recited in claim .1.0 further 

2 comprising requesting a cancelled check associated with the financial account to 

3 further authenticate the user's ability to access the financial accoun t, and comparing 

4 information on the cancelled check with information obtained from third-party sources . 
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1 12. (Originally presented) One or more computer-readable memories 

2 containing a computer program that is executable by a processor to perform the method 

3 recited in claim 1. 

1 13* (Currently amended) A method comprising: 

2 receiving financial account access information from a use r regarding a user 

3 account at a financial institution : 

4 obtaining information, regarding the financial account from, a financial data 

5 source; and 

6 authenticating the user's ability to access the financial account based on the 

7 obtained informatio n, comprising comparing the information received from th e user to 

8 the information obtained from the financial data source, wherein the financial data 

9 source is a third party separate from the financial institution . 

1 14. (Originally presented) A method as recited in claim 13 further 

2 comprising determining a risk associated with the user. 

1 15, (Currently amended) A method as recited in claim 13 further 

2 comprising verifying a user identity based on information provided by the uscr^ 

3 wherein verifying comprises comparing information received from the user with 

4 information obtained from a third party , 

1 16, (Currently amended) A method as recited in ctaim 13 further 

2 comprising verifying a user identity based on information obtained from g rovided-bv^a 

3 third-party source comprising a credit reporting service. 

1 17. (Originally presented) A method as recited in claim 13 further 

2 comprising handling financial transactions ini tiated by the user and associated with the 

3 financial account. 
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1 18. (Originally presented) A method as recited in claim 1 3 further 

2 comprising handling financial transactions initiated by the user and associated with the 

3 financial account if the user's ability to access the financial account is authenticated. 

1 19, (Currently amended) A method as recited in claim 1 3 wherein 

2 authenticating the user's ability to access the financial account comprises verifying one 

3 ormgreof the user's social security number * name, address, phone number, date of 

4 birth, and driver's license number . 

1 20. (Currently amended) A method as recited in claim 13 wherein 

2 authenticating the user's ability to access the financial account comprises presenting 

3 the user with a challenge question to be answered by the use ri nolud e s verifying th e 

4 us e r's driver - s - lio e nge number , 

1 21 . (Originally presented) A method as recited in claim 13 further 

2 comprising initiating a trial transfer to .further authenticate the user's ability to access 

3 the financial account. 

1 22. (Originally presented) A method as recited in claim 13 further 

2 comprising requesting a cancelled check associated with the financial account to 

3 further authenticate the user's ability to access the financial account 

1 23. (Originally presented) One or more computer-readable memories 

2 containing a computer program that is executable by a processor to perform the method 

3 recited in claim 13, 

1 24. (Currently amended) A method of authenticating a user's ability to 

2 access a financial account, the method comprising: 



5 of 17 



PAGE 6/18 * RCVD AT 5/4/2007 9:18:32 PM [Eastern Daylight Time] * SVR:USPTO-EFXRF-5/13 1 DNIS:2738300 1 CS1D:14083421909 * DURATION (mm-ss):02-38 



'05/04/12007 17:18 14083421909 

Atty. Docket No.: CSHE.P004 



CSG IP LAW 



PAGE 07/18 



Patent 



3 making a first transfer associated with the financial accoun t, wherein the first 

4 transfer is executed by a financial management system coupled between a user 

5 computer and a plurality of financi al institutions : 

6 requesting the user to identify the amount of the first transfer; 

7 confirming the user's ability to access the financial account if the user correctly 

8 identifies the amount of the first transfer; and 

9 denying the user's ability to access the financial account if the user does not 
10 correctly identify the amount of the first transfer. 

1 25, (Originally presented) A method as recited in claim 24 wherein the first 

2 transfer is a credit transfer. 

1 26. (Originally presented) A method as recited in claim 24 wherein the first 

2 transfer is a debit transfer. 

1 27. (Originally presented) A method as recited in claim 24 further 

2 comprising making a second transfer associated with the financial account and 

3 requesting the user to identify the amount of the second transfer. 

1 28. (Originally presented) A method as recited in claim 27 further 

2 comprising confirming the user's ability to access the financial account if the user 

3 correctly identifies the amount of the first transfer and the amount of the second 

4 transfer. 

1 29. (Originally presented) A method as recited in claim 27 further 

2 comprising harvesting data from a web page associ ated with the financial account and 

3 authenticating the user's ability to access the financial account based on data harvested 

4 from the web page associated with, the financial account. 
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1 30. (Originally presented) A method as recited in claim 27 further 

2 comprising retrieving data from a financial data server associated with the financial 

3 account and authenticating the user's ability to access the financial account based on 

4 data retrieved from the financial data server associated with the financial account. 

1 31. (Currently amended) A computer implemented method comprising: 

2 receiving account access information from, a user; 

3 receiving user identification information from the user; 

4 obtaining information regarding the accoun t, comprising obtaining information 

5 from a third nartv source using the account access information received from the user; 

6 comparing the information obtained regarding the account with the 

7 identification information received from the user; arid 

8 authorizing the user to access the account if the information obtained regarding 

9 the account matches the identification information received from the user. 

1 32. (Originally presented) The method of claim 3 1 wherein the user 

2 identification information includes the user's name. 

1 33, (Currently amended) The method of claim 3 1 wherein the user 

2 identification information includes the user's maili n g address, name , phone number. 

3 date of birth and driver's license number , 

1 34. (Originally presented) The method of claim 3 1 wherein the user 

2 identification information includes the user's email address. 

1 35. (Originally presented) The method of claim 3 1 further comprising 

2 preventing the user from accessing the account if the information obtained regarding 

3 the account does not match the identification information received from the user. 
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1 36. (Originally presented) The method of claim 31 wherein obtaining 

2 information regarding the account includes obtaining information from a financial data 

3 source, 

1 37. (Originally presented) The method of claim 31 wherein obtaining 

2 information regarding the account includes harvesting data from a web page associated 

3 with the account. 

1 38. (Originally presented) The method of claim 3 1 wherein the account is a 

2 financial account providing online user access. 

1 39. (Currently amended) A method comprising: 

2 a financial management system receiving account information from a user, 

3 wherein the account can be accessed via an online connection , wherein the financial 

4 management system is coupled among a user device and a plurality of financial 

5 institutions via a network : 

6 the financial management system receiving user identification information from. 

7 the user j 

8 the financial management svstem obtaining information regarding the account 

9 via an online connection ,, wherein the information is obtained from one or more 

10 sources via the network ; 

1 1 the financial management svstem comparing the information obtained 

1 2 regarding the account with the identification information received from the user; and 

1 3 the financial management system authorizing the user to execute actions with 

1 4 respect to the account if the information obtained regarding the account matches the 

1 5 identification information received from the user. 

1 40. (Originally presented) The method of claim 39 wherein the user 

2 identification information includes the user's name. 
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1 4 L (Originally presented) The method of claim 39 wherein the user 

2 identification information includes the user's account number. 

1 42. (Originally presented) The method of claim 39 wherein the user 

2 identification information includes the user's mailing address. 

1 43. (Originally presented) The method of claim 39 further comprising 

2 preventing the user from executing actions with respect to the account if the 

3 information obtained regarding the account does not match the identification 

4 information received from the user. 

1 44. (Originally presented) The method of claim 39 wherein obtaining 

2 information regarding the account includes harvesting data from a web page associated 

3 with the account, 

1 45. (New) A user authentication method for allowing the user access to a 

2 user account at one of a plurality of financial institutions, the method comprising: 

3 a third-party financial management system collecting user information; 

4 the third-party .financial management system collecting user financial account 

5 information, wherein the third-party financial management system is coupled among 

6 the user and the plurality of financial institutions via at least one network; 

7 the third-party financial management system collecting information about the 

8 plurality of financial institutions; 

9 defining a set of authentication rules to authenticate the user; 

1 0 the third-party financial management system receiving a request from the user 

1 1 to access a user account, wherein the request includes authentication information from 

1 2 the user; 

1 3 the third-party financial management system applying the authentication rules 

14 to determine whether to authenticate the user; 
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1 5 when the user is successfully authenticated, retrieving risk information related 

16 to the user, wherein risk information comprises historical data related to user 

17 transactions; 

1 8 when the user is successfully authenticated, the third-party financial 

1 9 management system determining whether to allow access to the user account, wherein 

20 access includes the third-party financial management system executing a requested 

2 1 transaction on behalf of the user. 

1 46. (New) The method of claim 45 3 wherein risk information further 

2 comprises: 

3 average balances of user accounts; 

4 movement of funds between user accounts; and 

5 success rates of transactions requested involving user accounts, 

1 47, (New) The method of claim 45, wherein risk information further 

2 comprises: 

3 previous transaction, history; 

4 previous session history, including duration of account access; 

5 account set-up history; 

6 time elapsed since last transaction;. 

7 time elapsed since account added; 

x 8 affiliations of an account with other users; 

9 comparison of a geographic location of the request and geographic locations of 

10 previous requests, including detennining distance between geographic locations, times 

1 1 of transactions executed from particular geographic locations, and types of connections 

12 used at particular geographic locations. 
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1 48. (New) The method of claim 45, wherein determining whether to allow 

2 access to the user account comprises allowing conditional acce$$ to the user account, 

3 comprising imposing conditions including: 

4 changing a dollar amount limit on a transaction; 

5 changing a settlement period for a transaction; and 

6 requiring additional authentication procedures. 

1 49, (New) The method of claim 45, further comprising updating the risk 

2 information based on requested u$er transactions and updated user information.. 

1 50. (New) The method of claim 45, wherein the third-party financial 

2 management system collects user financial account information from the plurality of 

3 financial institutions. 

1 51. (New) The method of claim 45, wherein the user information is 

2 collected in one or more manners selected from a group comprising, collecting directly 

3 from the user, collecting from an agency that holds user information, collecting from 

4 one of the plurality of financial institutions, and screen-scraping the user information 

5 via one of the at least one networks. 

1 52. (New) A financial management system., comprising: 

2 a communication interface through which the financial management system 

3 communicates via at least one network with a plurality of financial institutions and 

4 with a user device; 

5 a transaction execution module configurable to execute user-requested 

6 transactions with the plurality of financial institutions on behalf of the user; and 

7 an authentication and risk analysis module configured to collect risk 

8 information comprising historical data related to user-requested transactions, and 

9 further configured to authenticate the user when the user requests a transaction. 
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1 53. (New) The system of claim 5 2, wherein the authentication and risk 

2 analysis module is further configured to define a set of authentication rules to 

3 authenticate the user, and wherein authenticating the user comprises applying the 

4 authentication rules to determine whether to authenticate the user. 

1 54. (New) The system of claim 53, wherein application of the 

2 authentication rules results in one or more of initiation of an additional, authentication 

3 process and issuance of a one-time useable password. 

1 55. (New) The system of claim 53, wherein risk information further 

2 comprises: 

3 average balances of user accounts; 

4 movement of funds between user accounts; and 

5 success rates of transactions requested involving user accounts. 

1 56. (New) The system of 55, wherein the risk information further 

2 comprises: 

3 previous transaction history; 

4 previous session hi story , including duration of account access; 

5 account set-up history; 

6 time elapsed since last transaction; 

7 time elapsed since account added; 

8 affiliations of an account with other users; 

9 comparison of a geographic location of the request and geographic locations of 

10 previous requests, including determining distance between geographic locations, times 

1 1 of transactions executed from particular geographic locations, and types of connections 

12 used at particular geographic locations. 
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1 57. (New) The system of claim 53, wherein determining whether to 

2 authenticate the user comprises conditionally authenticating the user, comprising 

3 imposing conditions on the transaction, including; 

4 changing a dollar amount limit on the transaction; 

5 changing a settlement period for the transaction; 

6 requiring additional authentication procedures; and 

7 rerouting the transaction through another channel. 

1 58. (New) The system of claim. 52 5 further comprising updating the risk 

2 information based on requested user transactions and updated user information. 

1 59. (New) The system of claim 52, wherein the authentication and risk 

2 analysis module collects user financial account information from the plurality of 

3 financial institutions. 

1 60. (New) The system of claim 52, wherein the authentication and risk 

2 analysis module collects the user information in one or more maimers selected from a 

3 group comprising collecting directly from the user, collecting from an agency that 

4 holds user information, collecting from one of the plurality of financial institutions, and 

5 screeo-scraping the user information via one of the at least one networks. 

1 6h (New) The system of claim 52, wherein executing the user-requested 

2 transaction comprises: 

3 in a first part of the transaction, the financial management system executing a 

4 transaction with a first financial institution; 

5 the financial management system holding the funds from the transaction in an 

6 intermediate account owned by the financial, management system at a third financial 

7 institution; and 
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S in a second part of the transaction, the financial management system executing 

9 a transaction with a second financial institution to deposit the funds in an account at the 

1 0 second financial institution. 

1 62. (New) The system of claim 52, wherein the authentication and risk 

2 analysis module comprises: 

3 an authentication and risk analysis engine; and 

4 a user account information collection module coupled to the authentication and 

5 risk analysis engine, wherein the authentication and risk analysis engine is configurable 

6 to apply authentication rules and to determine a level of risk associ ate with a user- 

7 requested transaction. 

1 63 (New) The system of claim 62, wherein determining the level of risk 

2 includes computing a probability of risk. 

1 64. (New) The system of claim 52, wherein the authentication and risk 

2 analysis module further comprises a user an authentication analysis logic module 

3 coupled to the authentication and risk analysis engine, wherein the user authentication 

4 analysis module is configurable to develop authentication rules. 

1 65. (New) The system of claim 52, wherein the authentication and risk 

2 analysis module further comprises a risk analysis logic module coupled to the 

3 authentication and risk analysis engine, wherein the risk analysis module is 

4 configurable to analyze risk information. 

1 66. (New) The system of claim 52, wherein the authentication and risk 

2 analysis module further comprises a financial institution and market data collection 

3 module coupled to the authentication and risk analysis engine. 
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1 67. (New) A computer-readable medium having stored thereon 

2 instructions, that when executed, cause a user-authentication method to be performed, 

3 the method comprising: 

4 a third-party financial management system collecting user information; 

5 the third-party financial management system collecting user financial account 

6 information, wherein the third-party financial management system is coupled among 

7 the user and the plurality of financial institutions via at least one network; 

8 the third-party financial management system collecting information about the 

9 plurality of financial institutions; 

1 0 defining a set of authentication rules to authenticate the user; 

1 1 the third-party financial management system receiving a request .from the user 

12 to access a user account, wherein the request includes authentication information from 

13 the user; 

14 the third-party financial management system applying the authentication rules 

15 to determine whether to authenticate the user; 

1 6 when the user is successfully authenticated, retrieving risk information related 

1 7 to the user, wherein risk information comprises historical data related to user 

18 transactions; 

19 when the user is successfully authenticated, the third-party financial 

20 management system determining whether to allow access to the user account, wherein 

21 access includes the third-party financial management system executing a requested 

22 transaction on behalf of the user. 

1 68, (New) The computer-readable medium of claim 67, wherein risk 

2 information further comprises: 

3 average balances of user accounts; 

4 movement of funds between user accounts; and 

5 success rates of transactions requested involving user accounts. 
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1 69. (New) The computer-readable medium of claim 67, wherein 

2 determining whether to allow access to the user account comprises allowing 

3 conditional access to the user account, comprising imposing conditions including: 

4 changing a dollar amount limit on a transaction; 

5 changing a settlement period for a transaction; 

6 requiring additional authentication procedures; and 

7 rerouting the transaction through another channel. 

1 70. (New) The computer-readable medium of claim 67, wherein the 

2 method further comprises updating the risk information based on requested user 

3 transactions and updated user information. 

1 71. (New) The computer-readable medium of claim 67, wherein the third- 

2 party financial management system collects user financial account information from 

3 the plurality of financial institutions, 

1 72. (New) The computer-readable medium of claim. 67, wherein the user 

2 information is collected in one or more manners selected from a group comprising, 

3 collecting directly from the user, collecting from an agency that holds user information, 

4 collecting from one of the plurality of financial institutions, and screen-scraping the 

5 user information via one of the at least one networks. 
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